Cross-Server End-to-End Patient Key Agreement Protocol for DNA-Based U-Healthcare in the Internet of Living Things
Abstract
1. Introduction
1.1. Research Problems
1.2. Contributions
- (1) I introduce a DNA-based U-healthcare application constructed in CS-E2E communication environments. In the proposed model, multiple servers provide U-healthcare services based on real-time DNA sequencing data produced by smart tiny sequencers with TGS technology in the IoLT network. Patients are allowed to share healthcare data with each other directly.
- (2) The protocol allows the patients to store a single set of registered credentials on a smart card and enter the credentials only once per session. They are allowed to choose specific servers of a multi-server system from a list in the device to enjoy multiple registered services. I call this solution “smart-card-based single sign-on (SC-SSO)”. Furthermore, the proposed SC-SSO is designed as a centerless solution to alleviate communication cost and reduce the security risk of third-party authority compromise.
- (3) The authentication protocol is designed using three factors, combining password, smart card and biometrics. It can guarantee higher security for communications compared to single-factor or two-factor solutions. In the protocol, perfect forward secrecy of shared E2E session keys is assured. Patient anonymity and untraceability are provided in the protocol. Patients can also update their passwords and biometrics to ensure higher security.
- (4) The security proof of my proposed protocol is presented using formal verification tools, including the real-or-random (RoR) model and Burrows–Abadi–Needham (BAN) logic. In addition, an informal analysis is provided to further discuss the resistance to various security attacks, e.g., replay attacks, impersonation attacks, etc.
1.3. Paper Structure
2. Related Works
3. Technical Preliminaries
3.1. Smart Card Technology
3.2. Biohash Function
3.3. Elliptic Curve Cryptography (ECC)
3.4. Advanced Encryption Standard (AES)
3.5. Notations and Cryptographic Functions
4. Problem Statement
4.1. System Model
4.2. Adversarial Capabilities
- 𝒜 has control over the open internet. This means that 𝒜 can intercept, delete, insert or replay any transcript in each communication session.
- 𝒜 may steal the patients’ smart card and/or mobile device and then attempt to extract the secret credentials using power analysis [34].
- 𝒜 attempts to compromise the past messages communicated between patients once they have obtained secret values or even a session key of the current communication session.
- 𝒜 is a privileged insider of the system (e.g., admin) who may attempt to attack the patient’s registered information stored in ’s database.
- Legitimate patients or servers can behave as 𝒜 and trigger similar attacks on the system.
4.3. Formal Security Model
- Send(ℂ, ): 𝒜 is allowed to request to ℂ; ℂ replies to 𝒜 in accordance with the rules of the proposed protocol.
- Execute(): This passive attack allows 𝒜 to eavesdrop on the message communicated by and .
- Reveal(ℂ): In this attack, 𝒜 attempts to retrieve the session key generated by ℂ based on the rules of the protocol.
- Corrupt: In my proposed protocol, this query returns the password of the patient, the biometrics of the patient and the parameters stored on the smart card and the device to 𝒜 if , and , respectively.
- Test(ℂ): This query allows 𝒜 to request the session key from ℂ; ℂ replies to 𝒜 based on the probabilistic outcome of the coin tossed.
5. The Proposed Protocol
5.1. System Initialization Phase
5.2. Registration Phase
5.3. Login and Authentication Phase
5.4. Password and Biometrics Update Phase
6. Security Analysis
6.1. Formal Security Analysis Using RoR Model
- : Length of a hash value.
- : Length of a random number.
- : Length of a biometrics value.
- : Total number of hash oracle queries.
- : Total number of Send queries.
- : Total number of Execute queries.
- : List of hash oracle outputs.
- : List of random oracle results.
- : List of communicated messages between and .
- : Probability of biometrics false positive.
- : Zipf parameters.
6.2. Authentication Proof Using BAN Logic
- A |≡ M: A believes statement M.
- A ⊲ M: A sees statement M.
- #(M): Formula M is fresh.
- A |~ M: A once said statement M.
- (M, N): M or N is one part of formula (M, N).
- A ⟹ M: A has jurisdiction over statement M.
- : This represents M combined with formula N.
- : Value K is known only to A and B, and it is used for their communication.
- : Formula M is a secret known only by A and B. Only A and B can use M to authenticate each other.
- : Seeing rule (R1);
- : Interpretation rule (R2);
- : Freshness rule (R3);
- : Verification rule (R4);
- : Jurisdiction rule (R5);
- : Additional rule (R6).
- |≡ : Assumption 1 (A1);
- |≡ : Assumption 2 (A2);
- : Assumption 3 (A3);
- |≡ : Assumption 4 (A4);
- : Assumption 5 (A5);
- : Assumption 6 (A6).
- : According to Message 1, we have .
- : Based on R1 and A1, we obtain |≡ |~ .
- : Based on R2, we obtain |≡ |~ .
- : According to R3 and A2, we obtain |≡ #.
- : Based on R4, we obtain |≡ |≡ .
- : According to R5 and , we have |≡ .
- : Based on R6, we obtain |≡ , and |≡ .
- : According to A3 and , we obtain |≡ (G1 achieved).
- : According to Message 2, we have .
- : Based on R1 and A1, we obtain |≡ |~ .
- : Based on R2, we obtain .
- : Using R3, A4 and A5, we obtain .
- : Based on A6, and the rule of the protocol, we obtain |≡ (G2 achieved).
- : Using similar arguments of and for Message 3 and Message 4, we can obtain |≡ (G3 achieved) and |≡ (G4 achieved), respectively.
- : Based on A4, A5, A6, and , we obtain |≡ (G5 achieved).
- : Using similar arguments of , we can obtain |≡ (G6 achieved).
6.3. Informal Security Analysis
7. Performance Evaluation
7.1. Functionality
7.2. Communication Cost
7.3. Computation Cost
- : Time of running fuzzy extraction function.
- : Time of running a Chebyshev chaotic polynomial mapping.
- : Time of operating an EC point multiplication.
- : Time of operating an EC point addition.
- : Time of running a symmetric encryption or symmetric decryption.
- : Time of calculating a modular squaring.
- : Time of calculating a square root modulo 𝑁.
- : Time of running a hash function.
8. Conclusions
Funding
Data Availability Statement
Conflicts of Interest
References
- [1] Normand, R.; Yanai, I. An introduction to high-throughput sequencing experiments: Design and bioinformatics analysis. In Deep Sequencing Data Analysis; Springer: Berlin/Heidelberg, Germany, 2013; Volume 1038, pp. 1–26.
- [2] Grishin, D.; Obbad, K.; Estep, P.; Cifric, M.; Zhao, Y.; Church, G. Blockchain-Enabled Genomic Data Sharing and Analysis Platform; Nebula Genomics: San Francisco, CA, USA, 2018.
- [3] Raza, K.; Qazi, S. Chapter 5—Nanopore sequencing technology and Internet of living things: A big hope for U-healthcare. In Sensors for Health Monitoring; Dey, N., Chaki, J., Kumar, R., Eds.; Academic Press: Cambridge, MA, USA, 2019; pp. 95–116.
- [4] Pizzolante, R.; Castiglione, A.; Carpentieri, B.; De Santis, A.; Palmieri, F.; Castiglione, A. On the protection of consumer genomic data in the Internet of Living Things. Comput. Secur. 2018, 74, 384–400.
- [5] Bolognini, D.; Bartalucci, N.; Mingrino, A.; Vannucchi, A.M.; Magi, A. NanoR: A user-friendly R package to analyze and compare nanopore sequencing data. PLoS ONE 2019, 14, e0216471.
- [6] Shabani, M. Blockchain-based platforms for genomic data sharing: A de-centralized approach in response to the governance problems? J. Am. Med. Inform. Assoc. 2019, 26, 76–80.
- [7] Hsu, C.; Le, T.V.; Lu, C.F.; Lin, T.W.; Chuang, T.H. A Privacy-Preserved E2E Authenticated Key Exchange Protocol for Multi-Server Architecture in Edge Computing Networks. IEEE Access 2020, 8, 40791–40808.
- [8] Kumari, A.; Jangirala, S.; Abbasi, M.Y.; Kumar, V.; Alam, M. ESEAP: ECC based secure and efficient mutual authentication protocol using smart card. J. Inf. Secur. Appl. 2020, 51, 102443.
- [9] Fereidooni, H.; Taheri, H.; Mahramian, M. E2E KEEP: End to End Key Exchange and Encryption Protocol for Accelerated Satellite Networks. Int. J. Commun. Netw. Syst. Sci. 2012, 5, 228–237.
- [10] Jiang, Q.; Ma, J.; Yang, C.; Ma, X.; Shen, J.; Chaudhry, S.A. Efficient end-to-end authentication protocol for wearable health monitoring systems. Comput. Electr. Eng. 2017, 63, 182–195.
- [11] Wang, Q.; Huang, X.; Mengistu, D. Session Key Agreement for End-to-End Security in Time-Synchronized Networks. In Proceedings of the 2018 Tenth International Conference on Ubiquitous and Future Networks (ICUFN), Prague, Czech Republic, 3–6 July 2018.
- [12] Liu, D.; Liu, X.; Zhang, H.; Yu, H.; Wang, W.; Ma, L.; Chen, J.; Li, D. Research on End-to-End Security Authentication Protocol of NB-IoT for Smart Grid Based on Physical Unclonable Function. In Proceedings of the 2019 IEEE 11th International Conference on Communication Software and Networks (ICCSN), Chongqing, China, 14–16 June 2019.
- [13] Nashwan, S. An End-to-End Authentication Scheme for Healthcare IoT Systems Using WMSN. Comput. Mater. Contin. 2021, 68, 607–642.
- [14] Pérez, S.; Hernández-Ramos, J.L.; Raza, S.; Skarmeta, A. Application Layer Key Establishment for End-to-End Security in IoT. IEEE Internet Things J. 2020, 7, 2117–2128.
- [15] Raj, B.S.S.; Venugopalachar, S. Multi-data Multi-user End to End Encryption for Electronic Health Records Data Security in Cloud. Wirel. Pers. Commun. 2022, 125, 2413–2441.
- [16] Alsaeed, N.; Nadeem, F. Authentication in the Internet of Medical Things: Taxonomy, Review, and Open Issues. Appl. Sci. 2022, 12, 7487.
- [17] Deebak, B.D.; Al-Turjman, F. Smart Mutual Authentication Protocol for Cloud Based Medical Healthcare Systems Using Internet of Medical Things. IEEE J. Sel. Areas Commun. 2021, 39, 346–360.
- [18] Chiou, S.-Y.; Ying, Z.; Liu, J. Improvement of a Privacy Authentication Scheme Based on Cloud for Medical Environment. J. Med. Syst. 2016, 40, 101.
- [19] Hsu, C.L.; Le, T.V.; Hsieh, M.C.; Tsai, K.Y.; Lu, C.F.; Lin, T.W. Three-Factor UCSSO Scheme with Fast Authentication and Privacy Protection for Telecare Medicine Information Systems. IEEE Access 2020, 8, 196553–196566.
- [20] Yuanbing, W.; Wanrong, L.; Bin, L. An Improved Authentication Protocol for Smart Healthcare System Using Wireless Medical Sensor Network. IEEE Access 2021, 9, 105101–105117.
- [21] Farash, M.S.; Turkanović, M.; Kumari, S.; Hölbl, M. An efficient user authentication and key agreement scheme for heterogeneous wireless sensor network tailored for the Internet of Things environment. Ad Hoc Netw. 2016, 36, 152–176.
- [22] Le, T.V.; Lu, C.F.; Hsu, C.L.; Do, T.K.; Chou, Y.F.; Wei, W.C. A Novel Three-Factor Authentication Protocol for Multiple Service Providers in 6G-Aided Intelligent Healthcare Systems. IEEE Access 2022, 10, 28975–28990.
- [23] Shuai, M.; Xiong, L.; Wang, C.; Yu, N. A secure authentication scheme with forward secrecy for industrial internet of things using Rabin cryptosystem. Comput. Commun. 2020, 160, 215–227.
- [24] Xu, D.; Chen, J.; Liu, Q. Provably secure anonymous three-factor authentication scheme for multi-server environments. J. Ambient. Intell. Humaniz. Comput. 2019, 10, 611–627.
- [25] Lin, T.-W.; Hsu, C.L.; Le, T.V.; Lu, C.F.; Huang, B.Y. A Smartcard-Based User-Controlled Single Sign-On for Privacy Preservation in 5G-IoT Telemedicine Systems. Sensors 2021, 21, 2880.
- [26] Meshram, C.; Ibrahim, R.W.; Deng, L.; Shende, S.W.; Meshram, S.G.; Barve, S.K. A robust smart card and remote user password-based authentication protocol using extended chaotic maps under smart cities environment. Soft Comput. 2021, 25, 10037–10051.
- [27] Shohaimay, F.; Ismail, E.S. Improved and Provably Secure ECC-Based Two-Factor Remote Authentication Scheme with Session Key Agreement. Mathematics 2023, 11, 5.
- [28] Alliance, S.C. Smart Cards and Biometrics; The Smart Card Alliance Physical Access Council: Princeton Junction, NJ, USA, 2011.
- [29] Zhang, L.; Zhang, Y.; Tang, S.; Luo, H. Privacy Protection for E-Health Systems by Means of Dynamic Authentication and Three-Factor Key Agreement. IEEE Trans. Ind. Electron. 2018, 65, 2795–2805.
- [30] Wong, A.M.-K.; Hsu, C.L.; Le, T.V.; Hsieh, M.C.; Lin, T.W. Three-Factor Fast Authentication Scheme with Time Bound and User Anonymity for Multi-Server E-Health Systems in 5G-Based Wireless Sensor Networks. Sensors 2020, 20, 2511.
- [31] Sowjanya, K.; Dasgupta, M.; Ray, S. Elliptic Curve Cryptography based authentication scheme for Internet of Medical Things. J. Inf. Secur. Appl. 2021, 58, 102761.
- [32] Dworkin, M.J.; Barker, E.B.; Nechvatal, J.R.; Foti, J.; Bassham, L.E.; Roback, E.; Dray, J.F., Jr. Announcing the Advanced Encryption Standard (AES); National Institute of Standards and Technology: Gaithersburg, MD, USA, 2001.
- [33] Alraih, S.; Shayea, I.; Behjati, M.; Nordin, R.; Abdullah, N.F.; Abu-Samah, A.; Nandi, D. Revolution or Evolution? Technical Requirements and Considerations towards 6G Mobile Communications. Sensors 2022, 22, 762.
- [34] Mangard, S.; Oswald, E.; Popp, T. Power Analysis Attacks: Revealing the Secrets of Smart Cards; Springer Science & Business Media: Berlin/Heidelberg, Germany, 2007.
- [35] Liu, W.; Wang, X.; Peng, W.; Xing, Q. Center-Less Single Sign-On with Privacy-Preserving Remote Biometric-Based ID-MAKA Scheme for Mobile Cloud Computing Services. IEEE Access 2019, 7, 137770–137783.
- [36] Barker, E. Recommendation for Key Management; Part 1, Revision 4; NIST Special Publication: Gaithersburg, MD, USA, 2016; pp. 800–857.
Notation | Description |
---|---|
| | server |
| | patient |
| | Private key, public key of |
| | Certificate of |
| | Signature of ’s message signed by |
| | Basic point on the curve |
| | Identity of |
| | Password of |
| | Biometrics of |
| | Timestamp |
| | Concatenation operation |
⊕ | Exclusive-or (XOR) operation |
| | One-way hash function, biohash function |
| | Symmetric encryption, decryption algorithms using key k |
| | Storage parameters in ’s smart card |
| | Storage parameters in ’s mobile device |
The Hash query is simulated as follows, where is a message. If the record (, ) is found in the list , return ; otherwise, choose a and add (, ) into ; in this way, a similar procedure is performed to create .
Simulation of the Reveal(ℂ) query is simply performed as follows. Once ℂ is in an accepted state, the session key formed by ℂ is returned.
Simulation of the Test(ℂ) query is performed as follows. ℂ tosses the coin . If , the query returns an available ; otherwise, the query returns a random number.
The query Corrupt() is simulated as follows. If , the query outputs . If , the query outputs . If , the query outputs the parameters stored in or .
Simulation of the Execute(, ) query occurs in succession to simulation of the Send(ℂ, ) query, which is described as follows. sends to , and sends to . We have: <> ← Send(, start), <> ← Send(, <>). Finally, and are returned.
Following the rules of the proposed protocol, the Send query is executed below.
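The adversary queries of Section 4.3 and the parameters and query simulations of Section 6.1 (hash list L_h, counters q_h, q_send and q_exec, the Test coin) can be made concrete with a small game simulator. The following Python block is an added example written for this page; it is not the paper's code and does not implement the paper's three-factor ECC protocol. The key agreement it drives is a placeholder two-message nonce exchange keyed by a shared secret, the hash and nonce lengths are assumed, the freshness condition on Test (no Reveal on the tested instance or a partner with the same transcript) is the usual RoR convention rather than something the page states, and every name in the block is an assumption. It shows the lazily sampled hash oracle, the real-or-random answer of Test, Corrupt leaking one factor at a time, and why Test must be refused on non-fresh instances.

```python
import random
from collections import namedtuple
from dataclasses import dataclass, field
from typing import Optional

HASH_LEN, NONCE_LEN = 32, 16  # assumed lengths (bytes) of a hash and a nonce

Patient = namedtuple("Patient", "ident password biometrics card_params")  # 3 factors


class RandomOracle:
    """Lazy-sampled hash oracle; L_h records (message, digest) pairs."""
    def __init__(self, rng: random.Random):
        self.rng, self.L_h, self.q_h = rng, {}, 0  # q_h counts hash queries

    def hash(self, msg: bytes) -> bytes:
        self.q_h += 1
        if msg not in self.L_h:                  # new message: sample a digest
            self.L_h[msg] = self.rng.randbytes(HASH_LEN)
        return self.L_h[msg]                     # repeat: return recorded digest


@dataclass(eq=False)
class Instance:                                  # one protocol run of a patient
    owner: Patient
    nonce: Optional[bytes] = None
    transcript: list = field(default_factory=list)
    session_key: Optional[bytes] = None
    accepted: bool = False
    revealed: bool = False


class RoRGame:
    """Answers the adversary's queries around a placeholder nonce exchange."""
    def __init__(self, shared_secret: bytes, seed: int = 1):
        self.rng = random.Random(seed)           # simulation randomness only
        self.H = RandomOracle(self.rng)
        self.secret = shared_secret              # placeholder long-term secret
        self.b = self.rng.getrandbits(1)         # Test coin, tossed once per game
        self.instances, self.q_send, self.q_exec = [], 0, 0

    def send(self, inst: Instance, msg):
        """Send query: advance the run one message; return the reply (or None)."""
        self.q_send += 1
        if inst not in self.instances:
            self.instances.append(inst)
        reply = None
        if msg != "start":
            inst.transcript.append(msg)          # record the received message
        if inst.nonce is None:                   # first step: emit (id, nonce)
            inst.nonce = self.rng.randbytes(NONCE_LEN)
            reply = (inst.owner.ident, inst.nonce)
            inst.transcript.append(reply)
        if len(inst.transcript) == 2:            # both messages seen: accept;
            inst.session_key = self.H.hash(      # same transcript -> same key
                self.secret + b"".join(i + n for i, n in inst.transcript))
            inst.accepted = True
        return reply

    def execute(self, a: Instance, b: Instance) -> list:
        """Execute query: passive eavesdropping on a full run built from Sends."""
        self.q_exec += 1
        m1 = self.send(a, "start")
        m2 = self.send(b, m1)
        self.send(a, m2)
        return [m1, m2]

    def reveal(self, inst: Instance) -> Optional[bytes]:
        if inst.accepted:
            inst.revealed = True
        return inst.session_key                  # None unless accepted

    def corrupt(self, patient: Patient, factor: str) -> bytes:
        """Corrupt query: leak exactly one of the three factors."""
        return {"password": patient.password, "biometrics": patient.biometrics,
                "card": patient.card_params}[factor]

    def is_fresh(self, inst: Instance) -> bool:
        """Assumed standard freshness: accepted, and no partner Revealed."""
        return inst.accepted and not any(
            o.revealed for o in self.instances if o.transcript == inst.transcript)

    def test(self, inst: Instance, enforce_freshness: bool = True):
        """Test query: real key if b = 1, else a random string of equal length."""
        if enforce_freshness and not self.is_fresh(inst):
            return None                          # query refused
        return inst.session_key if self.b == 1 else self.rng.randbytes(HASH_LEN)


def reveal_then_test(enforce_freshness: bool, seed: int = 7):
    """Adversary: Reveal the responder, Test the initiator, guess b' = 1 iff
    the values match. Returns (guess or None if Test was refused, actual b)."""
    game = RoRGame(b"placeholder-shared-secret", seed)
    a = Instance(Patient(b"P_A", b"pw-a", b"bio-a", b"card-a"))
    bi = Instance(Patient(b"P_B", b"pw-b", b"bio-b", b"card-b"))
    game.execute(a, bi)
    leaked = game.reveal(bi)
    answer = game.test(a, enforce_freshness)
    return (None if answer is None else int(answer == leaked)), game.b
```

Calling `reveal_then_test(False)` shows that an adversary allowed to Reveal the partner and then Test always recovers the coin (advantage 1), which is why the model refuses Test on non-fresh instances: with freshness enforced the same adversary gets no answer and is back to guessing, so the bound proved in the RoR model only concerns session keys the adversary has not already been handed.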
Functionalities | [11] | [12] | [13] | [17] | [19] | [20] | [22] | [24] | [25] | [26] | [27] | Mine |
---|---|---|---|---|---|---|---|---|---|---|---|---|
Provision of IoLT-based U-healthcare application | × | × | × | × | × | × | × | × | × | × | × | √ |
Provision of E2E communication | √ | √ | √ | × | × | × | × | × | × | × | × | √ |
Provision of cross-server communication | × | × | × | × | × | × | × | × | × | × | × | √ |
Provision of three-factor authentication | × | × | × | × | √ | × | √ | √ | × | × | × | √ |
Provision of centerless authentication | √ | √ | √ | √ | √ | √ | √ | √ | √ | √ | √ | √ |
Provision of SC-SSO solution | × | × | × | × | √ | × | √ | × | √ | × | × | √ |
Provision of user anonymity | – | √ | √ | √ | √ | √ | √ | √ | √ | √ | √ | √ |
Provision of user untraceability | – | √ | √ | √ | √ | √ | √ | √ | × | × | √ | √ |
Provision of message unlinkability | – | √ | √ | √ | √ | √ | √ | √ | × | × | √ | √ |
Provision of robust mutual authentication | – | √ | √ | √ | √ | √ | √ | √ | √ | √ | √ | √ |
Provision of perfect forward secrecy | √ | √ | √ | √ | √ | √ | √ | √ | √ | √ | √ | √ |
Provision of user password update | – | – | √ | – | √ | √ | √ | √ | √ | √ | √ | √ |
Provision of user biometrics update | – | – | – | – | × | – | × | √ | – | – | – | √ |
Provision of mathematical security proof | × | × | × | × | √ | × | √ | √ | × | × | √ | √ |
Resistance to DoS attacks | √ | √ | √ | √ | √ | √ | √ | √ | × | √ | √ | √ |
Resistance to MITM attacks | √ | √ | √ | √ | √ | √ | √ | √ | √ | √ | √ | √ |
Resistance to replay attacks | √ | √ | √ | √ | √ | √ | √ | √ | √ | √ | √ | √ |
Resistance to online password guessing attacks | – | – | √ | – | √ | √ | √ | √ | √ | √ | √ | √ |
Resistance to offline password guessing attacks | – | – | √ | – | √ | √ | √ | √ | √ | √ | √ | √ |
Resistance to stolen smart card attacks | – | – | √ | √ | √ | √ | √ | √ | × | √ | √ | √ |
Resistance to impersonation attacks | √ | √ | √ | √ | √ | √ | √ | √ | √ | √ | √ | √ |
Resistance to insider attacks | √ | √ | √ | √ | √ | √ | √ | √ | – | √ | √ | √ |
Resistance to desynchronization attacks | √ | √ | √ | √ | √ | √ | √ | √ | √ | × | √ | √ |
Protocols | Total Communication Rounds | |
---|---|---|
Le et al. [22] | 2 | 512 |
Xu et al. [24] | 3 | 1344 |
Lin et al. [25] | 3 | 5736 |
Meshram et al. [26] | 2 | 3072 |
Shohaimay and Ismail [27] | 3 | 1376 |
Mine | 2 | 1088 |
Protocols | Side | ||||
---|---|---|---|---|---|
Le et al. [22] | + + 9 | ≈0.00744 | + 2 + 8 | ≈1.17560 | ≈1.18304 |
Xu et al. [24] | + 4 + 9 | ≈2.54621 | 3 + 5 | ≈1.52745 | ≈4.07366 |
Lin et al. [25] | ≈0.06353 | ≈0.06215 | ≈0.12568 | ||
Meshram et al. [26] | 2 + 11 | ≈0.06521 | 2 + 9 | ≈0.06383 | ≈0.12904 |
Shohaimay and Ismail [27] | 4 + 2 + 7 | ≈2.05063 | 4 + + 5 | ≈2.04235 | ≈4.09298 |
Mine | ≈2.03530 | ≈1.52592 | ≈3.56122 |
© 2023 by the author. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Le, T.-V. Cross-Server End-to-End Patient Key Agreement Protocol for DNA-Based U-Healthcare in the Internet of Living Things. Mathematics 2023, 11, 1638. https://doi.org/10.3390/math11071638